SECTION I— CLAIMS 



Amendment to the Claims: 

This listing of the claims will replace all prior versions and listings of claims in the 
application. Claims 1-25 are canceled herein without prejudice. New claims 26-44 are presented 
herein. Claims 26-44 remain pending in the application. 

Listing of Claims: 

1-25. (Canceled). 

26. (New) A method in a packet forwarder, comprising: 

receiving a connection request from a computing device requesting access to a network; 
issuing the computing device a first Internet Protocol (IP) address assigned to a first Virtual 

Local Area Network (VLAN) communicably interfaced with the packet forwarder, 

wherein the first VLAN does not provide access to the network and is isolated from a 

permanent VLAN that provides access to the network; 
sending the computing device an authentication request via the first VLAN based on the first IP 

address, responsive to the connection request; 
receiving authentication credentials from the computing device via the first VLAN, responsive to 

the authentication request; 
issuing the computing device a replacement IP address assigned to the permanent VLAN for 

communication with the network, responsive to receiving satisfactory authentication 

credentials from the computing device; and 
forwarding network packets between the computing device and the network over the permanent 
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VLAN based on the replacement IP address. 

27. (New) The method of claim 26, wherein receiving the connection request from the 

computing device requesting access to the network comprises: 
intercepting a request from the computing device for a web page. 

28. (New) The method of claim 26, wherein sending the computing device the authentication 

request comprises: 

directing the computing device to a network login page for authentication, the network login 
page accessible on the first VLAN. 

29. (New) The method of claim 28, wherein receiving the authentication credentials from the 

computing device via the first VLAN, responsive to the authentication request comprises: 
receiving at least a user name and a password from the computing device based on information 
captured by the network login page. 

30. (New) The method of claim 28, wherein directing the computing device to the network login 

page for authentication comprises: 
responding to the computing device with a redirect to a Uniform Resource Locator (URL) 
address for the network login page. 

3 1 . (New) The method of claim 26, further comprising: 

sending the authentication credentials to an authentication server; and 

receiving an indication from the authentication server that the authentication credentials are 

authentic and that a user associated with the authentication credentials is authorized to 

access the network. 

32. (New) The method of claim 31, wherein sending the authentication credentials to the 

authentication server comprises: 
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creating a packet comprising the authentication credentials in accordance with a Remote 

Authentication Dial-In User Service (RADIUS) communications protocol; and 
forwarding the packet to a RADIUS server for authentication. 

33. (New) The method of claim 26, wherein the packet forwarder comprises a switch device 

located at an edge of the network to provide packet- forwarding services into the network. 

34. (New) The method of claim 26, further comprising: 

terminating forwarding of the network packets between the computing device and the network 

based on one or more events including: 
exceeding a pre-determined period of inactivity by the computing device; 
receiving a reset signal is from a network login controller communicably interfaced with the 

packet forwarder; 

receiving a termination command from an administrator account requesting forwarding of the 
network packets between the computing device and the network be terminated; 

determining a network connection between the computing device and the packet forwarder is 
disconnected; and 

determining a user of the computing device has logged off of the computing device. 

35. (New) A computer-readable medium having instructions stored thereon that, when executed 

by a processor, cause the processor to perform a method comprising: 
receiving a connection request at a packet forwarder from a computing device requesting access 
to a network; 

issuing the computing device a first Internet Protocol (IP) address assigned to a first Virtual 
Local Area Network (VLAN) communicably interfaced with the packet forwarder, 
wherein the first VLAN does not provide access to the network and is isolated from a 
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permanent VLAN that provides access to the network; 
sending the computing device an authentication request via the first VLAN based on the first IP 

address, responsive to the connection request; 
receiving authentication credentials from the computing device via the first VLAN, responsive to 

the authentication request; 
issuing the computing device a replacement IP address assigned to the permanent VLAN for 

communication with the network, responsive to receiving satisfactory authentication 

credentials from the computing device; and 
forwarding network packets between the computing device and the network over the permanent 

VLAN based on the replacement IP address. 

36. (New) The computer-readable medium of claim 35, wherein receiving the connection request 

from the computing device requesting access to the network comprises: 
intercepting a request from the computing device for a web page. 

37. (New) The computer-readable medium of claim 35, wherein: 

sending the computing device the authentication request comprises directing the computing 

device to a network login page for authentication, the network login page accessible on 
the first VLAN; and wherein 

receiving the authentication credentials from the computing device via the first VLAN, 

responsive to the authentication request comprises receiving user identification data from 
the computing device based on information captured by the network login page. 

38. (New) The computer-readable medium of claim 37, wherein directing the computing device 

to the network login page for authentication comprises: 
responding to the computing device with a redirect to a Uniform Resource Locator (URL) 
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address for the network login page. 

39. (New) The computer-readable medium of claim 35, further comprising: 

sending the authentication credentials to a Remote Authentication Dial-In User Service 

(RADIUS) compatible authentication server; and 
receiving an indication from the RADIUS compatible authentication server that the 

authentication credentials are authentic and that a user associated with the authentication 

credentials is authorized to access the network. 

40. (New) A system comprising: 

means for receiving a connection request at a packet forwarder from a computing device 

requesting access to a network; 
means for issuing the computing device a first Internet Protocol (IP) address assigned to a first 

Virtual Local Area Network (VLAN) communicably interfaced with the packet 

forwarder, wherein the first VLAN does not provide access to the network and is isolated 

from a permanent VLAN that provides access to the network; 
means for sending the computing device an authentication request via the first VLAN based on 

the first IP address, responsive to the connection request; 
means for receiving authentication credentials from the computing device via the first VLAN, 

responsive to the authentication request; 
means for issuing the computing device a replacement IP address assigned to the permanent 

VLAN for communication with the network, responsive to receiving satisfactory 

authentication credentials from the computing device; and 
means for forwarding network packets between the computing device and the network over the 

permanent VLAN based on the replacement IP address. 
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41. (New) The computer-readable medium of claim 40, wherein receiving the connection request 

from the computing device requesting access to the network comprises: 
means for intercepting a request from the computing device for a web page. 

42. (New) The system of claim 40, wherein: 

sending the computing device the authentication request comprises means for directing the 
computing device to a network login page for authentication, the network login page 
accessible on the first VLAN; and wherein 

receiving the authentication credentials from the computing device via the first VLAN, 
responsive to the authentication request comprises means for receiving a user 
identification card from the computing device based on information captured by the 
network login page. 

43. (New) The system of claim 42, wherein directing the computing device to the network login 

page for authentication comprises: 
means for responding to the computing device with a redirect to a Uniform Resource Locator 
(URL) address for the network login page. 

44. (New) The system of claim 40, further comprising: 

means for sending the authentication credentials to a Remote Authentication Dial-In User 

Service (RADIUS) compatible authentication server; and 
means for receiving an indication from the RADIUS compatible authentication server that the 

authentication credentials are authentic and that a user associated with the authentication 

credentials is authorized to access the network. 
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